11–12 Jun 2026 Annual Conference
Stockholm University
Europe/Stockholm timezone

From National Incident Response to Zero Trust: Bridging Cyber Defence Policy and Technical Implementation in Wartime Ukraine

12 Jun 2026, 10:45
10m
D House, Lecture Hall 8 (Stockholm University)

D House, Lecture Hall 8

Stockholm University

Universitetsvägen 10 D, 106 91 Stockholm, Sweden
Paper Abstract (Closed Panels) Cyber and Digital Sovereignty Cyber and Digital Sovereignty

Speakers

Dmytro UzlovMr Vladyslav Vilihura

Description

The ongoing armed conflict in Ukraine has become an unprecedented stress test for national cybersecurity systems, exposing both the capabilities and the limitations of existing cyber-defence architectures under sustained adversary pressure. This paper examines two interrelated dimensions of cybersecurity governance that have acquired acute relevance for European security: national-level prioritization of cyber incidents, and the adoption of zero trust architecture (ZTA) as a paradigm shift in organizational security.

First, the paper presents a multi-factor methodology for prioritizing cyber incidents, intended for use by national CERTs such as CERT-UA. The methodology integrates the Common Vulnerability Scoring System (CVSS) with Ukraine's national criticality levels through a hierarchical structure that provides structured tie-breaking via multi-criteria decision analysis (MCDA). The paper proposes a simulation-based evaluation framework for assessing the methodology's effectiveness in handling high-volume incident streams while preserving a decisive and transparent allocation of resources—a critically important capability for states operating under persistent cyber threat.

Second, the paper analyses the concept of zero trust as a promising security paradigm for European critical infrastructure. Based on a systematic review of international ZTA models and practical enterprise-deployment experience, it identifies the principal barriers to adoption – in particular awareness gaps, shortages of skilled personnel, and organizational complexity – and proposes practical recommendations for policymakers and security practitioners.

By bridging operational-level incident response with strategic architectural transformation, this paper contributes to an interdisciplinary dialogue at the intersection of cybersecurity engineering, security governance, and defence policy. It offers empirically grounded conclusions relevant to European states seeking to strengthen their cyber resilience amid a shifting threat landscape shaped by statesponsored cyber operations, digital-infrastructure dependencies, and the imperative of collective cyber defence within NATO and EU structures.

Presentation materials

There are no materials yet.